I have the problem that our Clients use too much CPU during a FullScan. Actually, the usage is limited to 20%, but the setting seems to have no effect. Whether I set it via Configuration Manager or GPO, the result is the same. Does anyone have a similar problem or even better... a solution?

Hello philippwree, Refer this guide: https://www.kapilarya.com/limit-cpu-usage-during-a-windows-defender-scan Let us know if this helps! Note: Included link in this reply refers to blog post by a trusted Microsoft MVP. *This reply was updated to make sure it is valid.

MAlv68 I had a ticket open with Microsoft support for months about this but didn't get anywhere. The one useful comment was that a manually run scan will ignore any CPU limits like ScanAvgCPULoadFactor.

I found a way to bypass this and finally fix the issue of high CPU utilisation on Defender for both manual and scheduled scans. I'll go through it step by step below for those who need it:1. Open command prompt (search CMD in the search bar) and run as admin.2. Type:gpeditand hit enter to open the local group policy editor. (If you have Windows Home Edition which does not have local group policy editor, follow this guide first to install it:https://www.howtogeek.com/cannot-find-gpedit-msc-on-windows-11/3. Go to: Computer Configuration/Administrative Templates/Windows Components/Microsoft Defender Antivirus/Scan.4. On the right, double-click on the "Specify the maximum percentage of CPU utilization during a scan" policy.5. Enable this policy and under Options, enter the desired CPU percentage limit.6. Below, double-click on the "Configure local setting override for maximum percentage of CPU utilization" policy, and enable it (Not 100% sure how necessary this step is but it works for me).7. Below that, double-click on the "Configure low CPU priority for scheduled scans" policy, and enable it.8. Below that, double-click on the "CPU throttling type" policy and disable it (very important if you also want your manual scans throttled).And that's that, let me know if it works for you guys, for me it worked mid scan and saw CPU usage drop from 70% to under my specified 30% value after initiating a manual full scan.

Have the same problem as philippwree!In the Configuration Manager, we defined a CPU load of 30% for our windows servers in the default defender policy. The setting has also been correctly transmitted to the agents.Checked local via powershell "Get-MpPreference" and in the registry "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows Defender \ Scan \ AvgCPULoadFactor". The values are correctly limited to 30%. Despite the throttling, the process "MsMpEng.exe" uses up to 100% CPU for scheduled and manual defender scans (full and quick). Possibly a bug in a microsoft defender update?

Did you find any solution for the Windows Defender problem philippwree? We are currently distributing the load on our host by running the scans of the VMs at different times. However, we still have the problem with the load on the CPU.

Limit Windows Defender CPU Usage | Microsoft Community Hub

19 Replies

Kapil_Madaan
Copper Contributor
Jan 13, 2025
This might help.

https://learn.microsoft.com/en-us/powershell/module/defender/set-mppreference?view=windowsserver2022-ps#-scanavgcpuloadfactor
Daniel_Larsson
Copper Contributor
Oct 14, 2020
philippwree We have the same issue, CPU limit is completely ignored. Is there a solution anywhere? iv been searching but cant find anything usefull
- mongrel15
  Copper Contributor
  Oct 14, 2020
  Daniel_Larsson In your antimalware policy under “Scheduled Scans”, switch the option “Start a scheduled scan only when the computer is idle” to no. That solved the problem for us.
  It seems that the check by Microsoft is flawed. If Endpoint thinks the system is idle, he ignores the CPU limit.
  - AJP123
    Copper Contributor
    Jan 15, 2021
    mongrel15
    Changing the following setting to NO doesn't make any difference for us - "Start a scheduled scan only when the computer is idle” / "“ScanOnlyIfIdle” doesn't make any difference for us.
    
    I tried setting "AvgCPULoadFactor"n in the registry to 1% and it would still hit up to 68%.
mongrel15
Copper Contributor
Aug 31, 2020
Did you find any solution for the Windows Defender problem philippwree?

We are currently distributing the load on our host by running the scans of the VMs at different times. However, we still have the problem with the load on the CPU.
mongrel15
Copper Contributor
Jul 14, 2020
Have the same problem as philippwree!
In the Configuration Manager, we defined a CPU load of 30% for our windows servers in the default defender policy. The setting has also been correctly transmitted to the agents.
Checked local via powershell "Get-MpPreference" and in the registry "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows Defender \ Scan \ AvgCPULoadFactor". The values are correctly limited to 30%.

Despite the throttling, the process "MsMpEng.exe" uses up to 100% CPU for scheduled and manual defender scans (full and quick).

Possibly a bug in a microsoft defender update?
- DanXC
  Copper Contributor
  Feb 20, 2024
  Yes... It would be great if the setting actually worked, eh?
  😞
KapilArya
MVP
Jul 11, 2020
Hello philippwree,

Refer this guide:

https://www.kapilarya.com/limit-cpu-usage-during-a-windows-defender-scan

Let us know if this helps!

Note: Included link in this reply refers to blog post by a trusted Microsoft MVP.

*This reply was updated to make sure it is valid.
- rahul_malgun
  Copper Contributor
  Feb 20, 2024
  Hello do we got any solution for the cpu utilization which is consuming more than 80 % for the antimalware service executable ?

Forum Discussion

Limit Windows Defender CPU Usage

19 Replies

Resources